Hi Darragh,
Thank you soo Much! That was it! Now I am able to connect to the VM with
no issues.

But I am back to another network issue I had when I had Folsom installed
on the same setup.
I would really appreciate if you can provide any pointers here.

I able to spawn VM get IP, set floating IP and now am trying to do some
development within the VM.
I am unable to connect to certain sites and ports:
git clone https://github.com/openstack-dev/devstack.git - <-- This just
times out.

This is what works:
Wget google.com
Wget openstack.com
This is what hangs and times out:

Wget yahoo.com
Wget paypal.com
Wget facebook.com
Wget github.com
ubuntu@fpatwa-1:~$ wget github.com
--2013-05-10 19:08:19--  http://github.com/
Resolving github.com (github.com)...
Connecting to github.com (github.com)||:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://github.com/ [following]
--2013-05-10 19:08:20--  https://github.com/
Connecting to github.com (github.com)||:443... connected.


The same commands works on the network node.

The pattern that I can see is that any SSL website fails (port 443) but
then something like yahoo fails also and its at port 80.

Here are my security rules:
| IP Protocol | From Port | To Port | IP Range  | Source Group |
| icmp        | -1        | -1      | |              |
| tcp         | 1         | 65535   | |              |
| tcp         | 22        | 22      | |              |
| udp         | 1         | 65535   | |              |

I have messed around with all kinds of combinations of security rules but
no luck so far.



On 5/28/13 3:28 PM, "Darragh O'Reilly" <dara2002-openst...@yahoo.com>

>the ping error "connect: Network is unreachable" means a route could not
>be found.
>The gateway for the external subnet is not in the subnet
>So I guess a default route was not setup here:
>netnode$ ip netns exec <router ns> route -n
>You will need to create the subnet with a CIDR that includes the gateway
>ip - something like this:
>quantum subnet-create <ext-net-id> --gateway
> --enable_dhcp False
>----- Original Message -----
>> From: Farhan Patwa <farhan.pa...@utsa.edu>
>> To: Darragh OReilly <darragh.orei...@yahoo.com>; OpenStack Maillist
>> Cc: 
>> Sent: Tuesday, 28 May 2013, 19:52
>> Subject: Re: [Openstack] VM Issues on Grizzly Install on Ubuntu 12.04
>> Hi Darragh,
>> Thanks a lot for your reply and suggestions.
>> I am not able to ping the gateway ip from the namespace.
>> Also eth0 is up but br-ex has unknown state?
>> #######################
>> root@openstack-2:~# ip link
>> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
>>     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>> 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP
>> 1000
>>     link/ether 78:2b:cb:27:1f:c8 brd ff:ff:ff:ff:ff:ff
>> 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP
>> 1000
>>     link/ether 78:2b:cb:27:1f:c9 brd ff:ff:ff:ff:ff:ff
>> 4: br-int: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
>>     link/ether f2:3b:f7:1b:b0:46 brd ff:ff:ff:ff:ff:ff
>> 6: br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state
>>     link/ether 78:2b:cb:27:1f:c8 brd ff:ff:ff:ff:ff:ff
>> 32: br-tun: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
>>     link/ether 7e:6c:65:0f:c9:43 brd ff:ff:ff:ff:ff:ff
>> #######################
>> Here is the result of the tcpdump as ping is being done:
>> #######################
>> root@openstack-2:~# ip netns exec
>> qrouter-32f35fb4-f9f1-4817-8818-fff832f73810 ping  -c1
>> connect: Network is unreachable
>> root@openstack-2:~# tcpdump -nei eth0
>> tcpdump: WARNING: eth0: no IPv4 address assigned
>> tcpdump: verbose output suppressed, use -v or -vv for full protocol
>> listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
>> 13:46:31.399055 00:26:88:7a:40:87 > 01:80:c2:00:00:00, 802.3, length 60:
>> LLC, dsap STP (0x42) Individual, ssap STP (0x42) Command, ctrl 0x03: STP
>> 802.1w, Rapid STP, Flags [Proposal], bridge-id
>> 8000.00:26:88:7a:40:81.8205, length 43
>> 13:46:33.259195 c2:35:07:e7:b0:10 > ff:ff:ff:ff:ff:ff, ethertype ARP
>> (0x0806), length 60: Reply is-at c2:35:07:e7:b0:10, length
>> 13:46:33.313988 00:26:88:7a:40:87 > 01:80:c2:00:00:00, 802.3, length 60:
>> LLC, dsap STP (0x42) Individual, ssap STP (0x42) Command, ctrl 0x03: STP
>> 802.1w, Rapid STP, Flags [Proposal], bridge-id
>> 8000.00:26:88:7a:40:81.8205, length 43
>> #######################
>> The other information that you wanted is:
>> #######################
>> root@openstack-2:~# ip link
>> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
>> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>> 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP
>> 1000
>> link/ether 78:2b:cb:27:1f:c8 brd ff:ff:ff:ff:ff:ff
>> 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP
>> 1000
>> link/ether 78:2b:cb:27:1f:c9 brd ff:ff:ff:ff:ff:ff
>> 4: br-int: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
>> link/ether f2:3b:f7:1b:b0:46 brd ff:ff:ff:ff:ff:ff
>> 6: br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state
>> link/ether 78:2b:cb:27:1f:c8 brd ff:ff:ff:ff:ff:ff
>> 32: br-tun: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
>> link/ether 7e:6c:65:0f:c9:43 brd ff:ff:ff:ff:ff:ff
>> #######################
>> root@openstack-2:~# ip netns exec
>> qrouter-32f35fb4-f9f1-4817-8818-fff832f73810 ip address
>> 25: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
>>     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>>     inet scope host lo
>>     inet6 ::1/128 scope host
>>        valid_lft forever preferred_lft forever
>> 39: qr-eebfe1cb-0f: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
>> noqueue state UNKNOWN
>>     link/ether fa:16:3e:08:16:19 brd ff:ff:ff:ff:ff:ff
>>     inet brd scope global qr-eebfe1cb-0f
>>     inet6 fe80::f816:3eff:fe08:1619/64 scope link
>>        valid_lft forever preferred_lft forever
>> 40: qg-910fef3b-cb: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
>> noqueue state UNKNOWN
>>     link/ether fa:16:3e:e3:d5:fa brd ff:ff:ff:ff:ff:ff
>>     inet brd scope global qg-910fef3b-cb
>>     inet brd scope global qg-910fef3b-cb
>>     inet6 fe80::f816:3eff:fee3:d5fa/64 scope link
>>        valid_lft forever preferred_lft forever
>> #######################
>> root@openstack-2:~# quantum net-show
>> +---------------------------+--------------------------------------+
>> | Field                     | Value                                |
>> +---------------------------+--------------------------------------+
>> | admin_state_up            | True                                 |
>> | id                        | 37d27ee8-36a9-4cdb-9966-9b5571526b41 |
>> | name                      | ext_net                              |
>> | provider:network_type     | gre                                  |
>> | provider:physical_network |                                      |
>> | provider:segmentation_id  | 1                                    |
>> | router:external           | True                                 |
>> | shared                    | True                                 |
>> | status                    | ACTIVE                               |
>> | subnets                   | dd6f08f5-bfbd-4bdb-b9e4-c5ca065f3750 |
>> | tenant_id                 | 2990df1bd46c4dda915b43558d591a2f     |
>> +---------------------------+--------------------------------------+
>> #######################
>> root@openstack-2:~# quantum subnet-show
>> dd6f08f5-bfbd-4bdb-b9e4-c5ca065f3750
>> | Field            | Value
>> |
>> | allocation_pools | {"start": "",
>> "end": ""} |
>> | cidr             |
>> |
>> | dns_nameservers  |
>> |
>> | enable_dhcp      | False
>> |
>> | gateway_ip       |
>> |
>> | host_routes      |
>> |
>> | id               | dd6f08f5-bfbd-4bdb-b9e4-c5ca065f3750
>> |
>> | ip_version       | 4
>> |
>> | name             |
>> |
>> | network_id       | 37d27ee8-36a9-4cdb-9966-9b5571526b41
>> |
>> | tenant_id        | 2990df1bd46c4dda915b43558d591a2f
>> |
>> #######################
>> Thanks,
>> -Farhan.
>> On 5/27/13 4:08 AM, "Darragh OReilly"
>> <darragh.orei...@yahoo.com> wrote:
>>> I'd check the external network config first.
>>> You should be able to ping the external subnet's gateway from the
>>> namespace.
>>> This gateway should correspond to some real external gateway/router.
>>> quantum subnet-show <ext sub id> -c gateway_ip   # ?
>>> ip netns exec <router-ns> ping -c1 <ext sub gateway>
>>> If that is not working use tcpdump as you ping. Br-ex is using eth0, is
>>> eth0 up? tcpdump -nei eth0
>>> If you are still having problems, post the above output and the
>>> # network node
>>> ip link 
>>> ip netns exec <router-ns> ip address
>>> quantum net-show <uuid of external net>
>>> quantum subnet-show <uuid of external subnet>
>>>> ________________________________
>>>>  From: Farhan Patwa <farhan.pa...@utsa.edu>
>>>> To: OpenStack Maillist <openstack@lists.launchpad.net>
>>>> Sent: Friday, 24 May 2013, 20:28
>>>> Subject: [Openstack] VM Issues on Grizzly Install on Ubuntu 12.04
>>>> Hello,
>>>> I followed the following guide to install Grizzly release on 3-node
>>>> setup.
>>>> _intro.html
>>>> I am stuck at my last issue with Quantum networking (at least that¹s
>>>> what I think).
>>>> The VM instance comes up and gets the private IP and the metadata.
>>>> Also I have assigned the floating IP to it but am not able to ping
>>>> either IP except when I use:
>>>> ip netns exec qrouter-32f35fb4-f9f1-4817-8818-fff832f73810 ping
>>>>       <- fixed IP ­ private network
>>>> ip netns exec qrouter-32f35fb4-f9f1-4817-8818-fff832f73810 ping
>>>>  <- floating IP ­ external network
>>>> Based on that I think the security rules are okay
>>>> The router is tied to the specified tenant and using gateway of the
>>>> external network.
>>>> I  think the issue is routing table or maybe firewall related but not
>>>> sure how to debug this.
>>>> Some details of my environment are below.
>>>> Any one have any words of wisdom/guidance?
>>>> Thanks,
>>>> -Farhan.
>>>> Management Network:
>>>> Data Network:
>>>> External Network:
>>>> Network Node: (
>>>> ovs-vsctl show
>>>> ea4fa894-5986-40f2-b10b-55eef2222408
>>>>     Bridge br-tun
>>>>         Port patch-int
>>>>             Interface patch-int
>>>>                 type: patch
>>>>                 options: {peer=patch-tun}
>>>>         Port "gre-1"
>>>>             Interface "gre-1"
>>>>                 type: gre
>>>>                 options: {in_key=flow, out_key=flow,
>>>> remote_ip=""}
>>>>         Port br-tun
>>>>             Interface br-tun
>>>>                 type: internal
>>>>     Bridge br-int
>>>>         Port "tap3fca71a9-c8"
>>>>             tag: 4095
>>>>             Interface "tap3fca71a9-c8"
>>>>                 type: internal
>>>>         Port patch-tun
>>>>             Interface patch-tun
>>>>                 type: patch
>>>>                 options: {peer=patch-int}
>>>>         Port "tap4b8a22a2-9c"
>>>>             tag: 4095
>>>>             Interface "tap4b8a22a2-9c"
>>>>                 type: internal
>>>>         Port "tap633ed611-a9"
>>>>             tag: 1
>>>>             Interface "tap633ed611-a9"
>>>>                 type: internal
>>>>         Port "qr-eebfe1cb-0f"
>>>>             tag: 1
>>>>             Interface "qr-eebfe1cb-0f"
>>>>                 type: internal
>>>>         Port br-int
>>>>             Interface br-int
>>>>                 type: internal
>>>>     Bridge br-ex
>>>>         Port "eth0"
>>>>             Interface "eth0"
>>>>         Port br-ex
>>>>             Interface br-ex
>>>>                 type: internal
>>>>         Port "qg-910fef3b-cb"
>>>>             Interface "qg-910fef3b-cb"
>>>>                 type: internal
>>>>     ovs_version: "1.4.0+build0"
>>>> Kernel IP routing table
>>>> Destination     Gateway         Genmask         Flags Metric Ref
>>>> Iface
>>>>         UG    0      0
>>>> eth1
>>>>   U     0      0
>>>> eth1
>>>>   U     0      0
>>>> br-ex
>>>>   U     0      0
>>>> eth1
>>>> Compute Node: (
>>>> ovs-vsctl show
>>>> f0fe78a5-dfd0-4f6b-87be-466dac0b4473
>>>>     Bridge br-tun
>>>>         Port patch-int
>>>>             Interface patch-int
>>>>                 type: patch
>>>>                 options: {peer=patch-tun}
>>>>         Port br-tun
>>>>             Interface br-tun
>>>>                 type: internal
>>>>         Port "gre-2"
>>>>             Interface "gre-2"
>>>>                 type: gre
>>>>                 options: {in_key=flow, out_key=flow,
>>>> remote_ip=""}
>>>>     Bridge br-int
>>>>         Port patch-tun
>>>>             Interface patch-tun
>>>>                 type: patch
>>>>                 options: {peer=patch-int}
>>>>         Port br-int
>>>>             Interface br-int
>>>>                 type: internal
>>>>         Port "tap6514a8cc-b2"
>>>>             tag: 1
>>>>             Interface "tap6514a8cc-b2"
>>>>     ovs_version: "1.4.0+build0"
>>>> Kernel IP routing table
>>>> Destination     Gateway         Genmask         Flags Metric Ref
>>>> Iface
>>>>         UG    0      0
>>>> eth1
>>>>   U     0      0
>>>> eth1
>>>>   U     0      0
>>>> eth0
>>>>   U     0      0
>>>> eth1
>>>> _______________________________________________
>>>> Mailing list: https://launchpad.net/~openstack
>>>> Post to     : openstack@lists.launchpad.net
>>>> Unsubscribe : https://launchpad.net/~openstack
>>>> More help   : https://help.launchpad.net/ListHelp
>> _______________________________________________
>> Mailing list: https://launchpad.net/~openstack
>> Post to     : openstack@lists.launchpad.net
>> Unsubscribe : https://launchpad.net/~openstack
>> More help   : https://help.launchpad.net/ListHelp

Mailing list: https://launchpad.net/~openstack
Post to     : openstack@lists.launchpad.net
Unsubscribe : https://launchpad.net/~openstack
More help   : https://help.launchpad.net/ListHelp

Reply via email to